pol88attacker.buzz Open in urlscan Pro
2606:4700:3031::6815:2f89  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response pol88attacker.buzz/	80 KB 15 KB	495ms 464ms	Document text/html	2606:4700:3031::6815:2f89 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pol88attacker.buzz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:2f89 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c33f557229351679015a21d028a2c4d6ba6baac1f8c0f5d5099666a76f440b9f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8bb76e81aa6d4384-EWR content-encoding br content-type text/html date Fri, 30 Aug 2024 20:11:44 GMT last-modified Fri, 30 Aug 2024 18:07:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yDGEHTz4zbFHpRzvrSvHGFrTkzr5sb%2FceXjxaM3GxYM9FoRv9iJAzht86ERlFWPZMoh5xBLyMHPougU%2F4M4YOar2rPMXExFCWvXn8aBhr21pN37SLSMDu9%2BuKcVr7n%2FGvCkCMzSUSCRwrCTRNDS7Ni8%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	iX9QTygByObqfYEQgveGqcRMiNAbTzMPqdppqGV4MOJfecGJXnX1IyvhF2jtFRZLFRZqwA9DZRs8FAjaFQbX5ejt52buZQZ8e6MKfcBRiAuTdKu3Scv7f6Rwk3IbMg6BJMJ7f6RBk3IbMg6YJMJ7f6RFk3IbMg6VJMJ7f6Rek3IbMg6sJMHbMLdYU_je.js Show response use.typekit.net/ik/	17 KB 7 KB	45ms 14ms	Script text/javascript	2600:141b:1c00:8::1728:b32c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/ik/iX9QTygByObqfYEQgveGqcRMiNAbTzMPqdppqGV4MOJfecGJXnX1IyvhF2jtFRZLFRZqwA9DZRs8FAjaFQbX5ejt52buZQZ8e6MKfcBRiAuTdKu3Scv7f6Rwk3IbMg6BJMJ7f6RBk3IbMg6YJMJ7f6RFk3IbMg6VJMJ7f6Rek3IbMg6sJMHbMLdYU_je.js Requested by Host: pol88attacker.buzz URL: https://pol88attacker.buzz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:1c00:8::1728:b32c Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash a6f6df05e0eec1aaaa4bcc1c5f8851df81e80f45285ce40507b660f67ad4fcd1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; Request headers Referer https://pol88attacker.buzz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; content-encoding gzip date Fri, 30 Aug 2024 20:11:44 GMT server nginx vary Accept-Encoding content-type text/javascript;charset=utf-8 access-control-allow-origin * cache-control public, max-age=604800 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 6678
GET H2	200	css2 fonts.googleapis.com/	4 KB 898 B	55ms 28ms	Stylesheet text/css	2607:f8b0:4006:81e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,700;1,300 Requested by Host: pol88attacker.buzz URL: https://pol88attacker.buzz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 851f6306bd352041009fdb4f3d399f68d18d54fc9aef4529bc964b80861895d0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pol88attacker.buzz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 30 Aug 2024 20:11:44 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 30 Aug 2024 19:34:51 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 30 Aug 2024 20:11:44 GMT
GET H/1.1	200 OK	modern.js Show response assets.squarespace.com/@sqs/polyfiller/1.6/	115 KB 42 KB	23ms 15ms	Script text/javascript	23.204.23.219 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://assets.squarespace.com/@sqs/polyfiller/1.6/modern.js Requested by Host: pol88attacker.buzz URL: https://pol88attacker.buzz/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.204.23.219 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-204-23-219.deploy.static.akamaitechnologies.com Software UploadServer / Resource Hash 54e832663426c696b1f603379026e5e15720e8c812bbbc60d63aa2ad8a479f75 Request headers Referer https://pol88attacker.buzz/ Origin https://pol88attacker.buzz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Fri, 30 Aug 2024 20:11:44 GMT Content-Encoding gzip Last-Modified Mon, 31 Oct 2022 21:19:57 GMT Server UploadServer ETag "fe0d53a94823df972dbf107bf190771a" Vary Accept-Encoding Access-Control-Allow-Methods GET, OPTIONS Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control public, max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 42447 Expires Fri, 30 Aug 2024 21:11:44 GMT
GET H/1.1	200 OK	extract-css-runtime-f2920803e18eaeba5f20-min.en-US.js Show response assets.squarespace.com/universal/scripts-compressed/	44 KB 20 KB	5ms 5ms	Script text/javascript	23.204.23.219 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-f2920803e18eaeba5f20-min.en-US.js Requested by Host: pol88attacker.buzz URL: https://pol88attacker.buzz/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.204.23.219 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-204-23-219.deploy.static.akamaitechnologies.com Software UploadServer / Resource Hash 96ba7205f114ccc78cdf3a7b7abe973106c8071f7d3927eb32fc70c86ad374e4 Request headers Referer https://pol88attacker.buzz/ Origin https://pol88attacker.buzz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Fri, 30 Aug 2024 20:11:44 GMT Content-Encoding gzip Last-Modified Fri, 30 Aug 2024 15:01:20 GMT Server UploadServer ETag "f1bdaae16d10c8c9470bf0883f2f33f3" Vary Accept-Encoding Access-Control-Allow-Methods GET, OPTIONS Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control public, max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 20046 Expires Fri, 30 Aug 2024 21:11:44 GMT
GET H/1.1	200 OK	extract-css-moment-js-vendor-6c569122bfa66a51a056-min.en-US.js Show response assets.squarespace.com/universal/scripts-compressed/	1 MB 126 KB	8ms 5ms	Script text/javascript	23.204.23.219 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://assets.squarespace.com/universal/scripts-compressed/extract-css-moment-js-vendor-6c569122bfa66a51a056-min.en-US.js Requested by Host: pol88attacker.buzz URL: https://pol88attacker.buzz/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.204.23.219 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-204-23-219.deploy.static.akamaitechnologies.com Software UploadServer / Resource Hash 94749a9a2a419c6962ea8c3634aee02da5fc8fc73054dc956eeadf710ec90bd5 Request headers Referer https://pol88attacker.buzz/ Origin https://pol88attacker.buzz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Fri, 30 Aug 2024 20:11:44 GMT Content-Encoding gzip Last-Modified Tue, 20 Aug 2024 12:56:42 GMT Server UploadServer ETag "50d4789a0cb66d279781e1b02e14d541" Vary Accept-Encoding Access-Control-Allow-Methods GET, OPTIONS Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control public, max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 128756 Expires Fri, 30 Aug 2024 21:11:44 GMT
GET H/1.1	200 OK	cldr-resource-pack-e85130cf44bc2d365b8b-min.en-US.js Show response assets.squarespace.com/universal/scripts-compressed/	89 KB 20 KB	16ms 7ms	Script text/javascript	23.204.23.219 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://assets.squarespace.com/universal/scripts-compressed/cldr-resource-pack-e85130cf44bc2d365b8b-min.en-US.js Requested by Host: pol88attacker.buzz URL: https://pol88attacker.buzz/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.204.23.219 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-204-23-219.deploy.static.akamaitechnologies.com Software UploadServer / Resource Hash 129b3f7ddf4bee8c1a30382728b10c0f2386eb365827f1b8a6fedabe6b52e390 Request headers Referer https://pol88attacker.buzz/ Origin https://pol88attacker.buzz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Fri, 30 Aug 2024 20:11:44 GMT Content-Encoding gzip Last-Modified Fri, 23 Aug 2024 21:10:22 GMT Server UploadServer ETag "80abdd5c306b8726a061f30edef7977f" Vary Accept-Encoding Access-Control-Allow-Methods GET, OPTIONS Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control public, max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 19868 Expires Fri, 30 Aug 2024 21:11:44 GMT
GET H/1.1	200 OK	common-vendors-stable-b03dd66b7c78e5e40bc7-min.en-US.js Show response assets.squarespace.com/universal/scripts-compressed/	240 KB 80 KB	13ms 4ms	Script text/javascript	23.204.23.219 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-b03dd66b7c78e5e40bc7-min.en-US.js Requested by Host: pol88attacker.buzz URL: https://pol88attacker.buzz/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.204.23.219 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-204-23-219.deploy.static.akamaitechnologies.com Software UploadServer / Resource Hash 423b74beedf0ad7dcb56cadfe978d5b04bd72f344da9592f2ff7573c314320de Request headers Referer https://pol88attacker.buzz/ Origin https://pol88attacker.buzz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Fri, 30 Aug 2024 20:11:44 GMT Content-Encoding gzip Last-Modified Tue, 20 Aug 2024 12:53:29 GMT Server UploadServer ETag "49ee894193216e5157c6770cbc748da0" Vary Accept-Encoding Access-Control-Allow-Methods GET, OPTIONS Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control public, max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 81964 Expires Fri, 30 Aug 2024 21:11:44 GMT
GET H/1.1	200 OK	common-vendors-7598f4eb50a2ef12b555-min.en-US.js Show response assets.squarespace.com/universal/scripts-compressed/	662 KB 201 KB	16ms 6ms	Script text/javascript	23.204.23.219 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://assets.squarespace.com/universal/scripts-compressed/common-vendors-7598f4eb50a2ef12b555-min.en-US.js Requested by Host: pol88attacker.buzz URL: https://pol88attacker.buzz/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.204.23.219 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-204-23-219.deploy.static.akamaitechnologies.com Software UploadServer / Resource Hash 0e6b1caae382fc6d13a4eb006b327d80c3991937d8dc808479c845aa1b863bcd Request headers Referer https://pol88attacker.buzz/ Origin https://pol88attacker.buzz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Fri, 30 Aug 2024 20:11:44 GMT Content-Encoding gzip Last-Modified Wed, 28 Aug 2024 02:30:23 GMT Server UploadServer ETag "69f0c4a33f7714fdf54f74d448003967" Vary Accept-Encoding Access-Control-Allow-Methods GET, OPTIONS Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control public, max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 205316 Expires Fri, 30 Aug 2024 21:11:44 GMT
GET H/1.1	200 OK	common-11bc3fc61d7822ac5843-min.en-US.js Show response assets.squarespace.com/universal/scripts-compressed/	1 MB 444 KB	20ms 11ms	Script text/javascript	23.204.23.219 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://assets.squarespace.com/universal/scripts-compressed/common-11bc3fc61d7822ac5843-min.en-US.js Requested by Host: pol88attacker.buzz URL: https://pol88attacker.buzz/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.204.23.219 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-204-23-219.deploy.static.akamaitechnologies.com Software UploadServer / Resource Hash 38a80d6489cc9ddc3c676a3dc41265bde614225c284641b97f5b375723fa05d7 Request headers Referer https://pol88attacker.buzz/ Origin https://pol88attacker.buzz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Fri, 30 Aug 2024 20:11:44 GMT Content-Encoding gzip Last-Modified Thu, 29 Aug 2024 19:58:21 GMT Server UploadServer ETag "96dc7fcfc696768ade5a0846a8fb8269" Vary Accept-Encoding Access-Control-Allow-Methods GET, OPTIONS Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control public, max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 454477 Expires Fri, 30 Aug 2024 21:11:44 GMT
GET H/1.1	200 OK	user-account-core-3ecf7c2af0d4c40dc489-min.en-US.js Show response assets.squarespace.com/universal/scripts-compressed/	148 KB 57 KB	19ms 10ms	Script text/javascript	23.204.23.219 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://assets.squarespace.com/universal/scripts-compressed/user-account-core-3ecf7c2af0d4c40dc489-min.en-US.js Requested by Host: pol88attacker.buzz URL: https://pol88attacker.buzz/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.204.23.219 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-204-23-219.deploy.static.akamaitechnologies.com Software UploadServer / Resource Hash 3dd64b4192d77bcb246f63f29cb8c18cf5126040b29aa5767c27225c53900cfd Request headers Referer https://pol88attacker.buzz/ Origin https://pol88attacker.buzz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Fri, 30 Aug 2024 20:11:44 GMT Content-Encoding gzip Last-Modified Thu, 29 Aug 2024 14:18:49 GMT Server UploadServer ETag "a853ca24760994345330527be1d30d17" Vary Accept-Encoding Access-Control-Allow-Methods GET, OPTIONS Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control public, max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 57929 Expires Fri, 30 Aug 2024 21:11:44 GMT
GET H/1.1	200 OK	user-account-core-b6e8cafbf34b05da5c2b-min.en-US.css assets.squarespace.com/universal/styles-compressed/	2 KB 2 KB	77ms 8ms	Stylesheet text/css	23.204.23.219 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://assets.squarespace.com/universal/styles-compressed/user-account-core-b6e8cafbf34b05da5c2b-min.en-US.css Requested by Host: pol88attacker.buzz URL: https://pol88attacker.buzz/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.204.23.219 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-204-23-219.deploy.static.akamaitechnologies.com Software UploadServer / Resource Hash 8e815de943351493b2d3859da2d958f71f6d7e46d7ba2aed29fb6d2bc0c2b08a Request headers Referer https://pol88attacker.buzz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Fri, 30 Aug 2024 20:11:44 GMT Content-Encoding gzip Connection keep-alive Content-Length 870 Last-Modified Tue, 20 Aug 2024 12:57:12 GMT Server UploadServer ETag "b5b71cfbb0e2e64f293988d2668ab1c6" Vary Accept-Encoding Report-To {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]} Content-Type text/css Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, OPTIONS Cache-Control public, max-age=3600 Accept-Ranges bytes Cross-Origin-Opener-Policy-Report-Only same-origin; report-to="gfe-default_product_name" Expires Fri, 30 Aug 2024 21:11:44 GMT
GET H/1.1	200 OK	performance-eb022691e09e39c54c48-min.en-US.js Show response assets.squarespace.com/universal/scripts-compressed/	39 KB 13 KB	16ms 16ms	Script text/javascript	23.204.23.219 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://assets.squarespace.com/universal/scripts-compressed/performance-eb022691e09e39c54c48-min.en-US.js Requested by Host: pol88attacker.buzz URL: https://pol88attacker.buzz/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.204.23.219 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-204-23-219.deploy.static.akamaitechnologies.com Software UploadServer / Resource Hash 5b52ca3c358fa7e400d3ae22c2bd04e2490790b5e5bab9f92fe398122abc87c1 Request headers Referer https://pol88attacker.buzz/ Origin https://pol88attacker.buzz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Fri, 30 Aug 2024 20:11:44 GMT Content-Encoding gzip Last-Modified Fri, 23 Aug 2024 21:08:06 GMT Server UploadServer ETag "2f90e3dc17736a23e6dc44c92d16bd43" Vary Accept-Encoding Access-Control-Allow-Methods GET, OPTIONS Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control public, max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 13287 Expires Fri, 30 Aug 2024 21:11:44 GMT
GET H2	200	site.css static1.squarespace.com/static/versioned-site-css/66d1e3f4e5f75448f8845e6e/0/5c5a519771c10ba3470d8101/66d1e3f4e5f75448f8845e77/1560/	1 MB 118 KB	44ms 8ms	Stylesheet text/css	151.101.64.238 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static1.squarespace.com/static/versioned-site-css/66d1e3f4e5f75448f8845e6e/0/5c5a519771c10ba3470d8101/66d1e3f4e5f75448f8845e77/1560/site.css Requested by Host: pol88attacker.buzz URL: https://pol88attacker.buzz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.64.238 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Squarespace / Resource Hash 64a4179eacebdc578f7f744157833c680bf4574a460188eaf8c875d1cb056e0d Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://pol88attacker.buzz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers tracepoint Fastly date Fri, 30 Aug 2024 20:11:44 GMT content-encoding gzip x-content-type-options nosniff via 1.1 varnish, 1.1 varnish age 17283 x-cache HIT, HIT x-contextid pRif6VNP/MqnHaLgE content-length 120949 x-served-by cache-dfw-kdal2120127-DFW, cache-lga21927-LGA pragma cache server Squarespace x-timer S1725048705.776735,VS0,VE2 vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=94608000 accept-ranges bytes timing-allow-origin * x-cache-hits 1, 0
GET H2	200	static.css static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/versioned-assets/1724874459348-IAPQAMSDO7QQBY5ABI2Q/	227 KB 19 KB	40ms 4ms	Stylesheet text/css	151.101.64.238 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/versioned-assets/1724874459348-IAPQAMSDO7QQBY5ABI2Q/static.css Requested by Host: pol88attacker.buzz URL: https://pol88attacker.buzz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.64.238 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Squarespace / Resource Hash 62a2984a4e753023dffeca77ec4827433196e145009b74303bc2fa406186e95d Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://pol88attacker.buzz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers tracepoint Fastly date Fri, 30 Aug 2024 20:11:44 GMT content-encoding gzip x-content-type-options nosniff via 1.1 varnish, 1.1 varnish age 174244 x-cache HIT, HIT x-contextid osXEAYRF/JC5mhtKQ content-length 18733 x-served-by cache-dfw-kdfw8210072-DFW, cache-lga21927-LGA pragma cache server Squarespace x-timer S1725048705.776892,VS0,VE0 vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=94608000 accept-ranges bytes timing-allow-origin * x-cache-hits 13, 18037
GET H2	200	logo+%281%29.gif images.squarespace-cdn.com/content/v1/66d1e3f4e5f75448f8845e6e/a761e72c-ba03-4092-a509-82c4bc81264d/	93 KB 93 KB	43ms 7ms	Image image/gif	151.101.192.238 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.squarespace-cdn.com/content/v1/66d1e3f4e5f75448f8845e6e/a761e72c-ba03-4092-a509-82c4bc81264d/logo+%281%29.gif?format=1500w Requested by Host: pol88attacker.buzz URL: https://pol88attacker.buzz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.192.238 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash b954198572862c7877d5cf3b552d80e3497e8a782b18dd3dfddfacd07478e2fd Request headers Referer https://pol88attacker.buzz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers tracepoint Fastly date Fri, 30 Aug 2024 20:11:44 GMT via 1.1 google, 1.1 varnish, 1.1 varnish age 16885 x-cache HIT, HIT content-length 95160 x-served-by cache-iad-kiad7000096-IAD, cache-lga21958-LGA x-timer S1725048705.776820,VS0,VE1 etag CIzeivaCnYgDEAE= vary Accept-Encoding content-type image/gif access-control-allow-origin * access-control-expose-headers Content-Length, Timing-Allow-Origin cache-control max-age=31536000,s-maxage=31536000 accept-ranges bytes timing-allow-origin * x-sqsp-is-public true x-cache-hits 1, 0
GET H2	200	10009034.jpg images.squarespace-cdn.com/content/v1/66d1e3f4e5f75448f8845e6e/6a34337b-70e1-49bf-8c98-bbac29332197/	232 KB 232 KB	52ms 17ms	Image image/jpeg	151.101.192.238 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.squarespace-cdn.com/content/v1/66d1e3f4e5f75448f8845e6e/6a34337b-70e1-49bf-8c98-bbac29332197/10009034.jpg?format=2500w Requested by Host: pol88attacker.buzz URL: https://pol88attacker.buzz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.192.238 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 23ff26f12694f81e922778c3614b1bf41450ae410d6c0e63e8a070999165d149 Request headers Referer https://pol88attacker.buzz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers tracepoint Fastly date Fri, 30 Aug 2024 20:11:44 GMT via 1.1 google, 1.1 varnish, 1.1 varnish age 16885 x-cache HIT, MISS content-length 237278 x-served-by cache-iad-kiad7000060-IAD, cache-lga21958-LGA x-timer S1725048705.776794,VS0,VE9 etag CJrO+8+DnYgDEAE= vary Accept-Encoding content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length, Timing-Allow-Origin cache-control max-age=31536000,s-maxage=31536000 accept-ranges bytes timing-allow-origin * x-sqsp-is-public true x-cache-hits 1, 0
GET H2	200	site-bundle.5ba448b7aa80223d4688bd176bcb7afb.js Show response static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/	258 KB 48 KB	4ms 3ms	Script application/javascript	151.101.64.238 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.5ba448b7aa80223d4688bd176bcb7afb.js Requested by Host: pol88attacker.buzz URL: https://pol88attacker.buzz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.64.238 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Squarespace / Resource Hash 16b9ada1898d9d51a9dbee20d069ca52b8719ada9600a09f648c8ce2788eda1a Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://pol88attacker.buzz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers tracepoint Fastly date Fri, 30 Aug 2024 20:11:44 GMT content-encoding gzip x-content-type-options nosniff via 1.1 varnish, 1.1 varnish age 67419 x-cache HIT, HIT x-contextid TztcGpiq/vkk8PVSu content-length 48466 x-served-by cache-dfw-kdal2120035-DFW, cache-lga21927-LGA pragma cache server Squarespace x-timer S1725048705.920534,VS0,VE0 vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=94608000 accept-ranges bytes timing-allow-origin * x-cache-hits 8, 5913
GET H2	200	pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v21/	8 KB 8 KB	32ms 7ms	Font font/woff2	2607:f8b0:4006:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,700;1,300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pol88attacker.buzz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 30 Aug 2024 14:59:51 GMT x-content-type-options nosniff age 18713 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7748 x-xss-protection 0 last-modified Fri, 22 Mar 2024 00:01:14 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 30 Aug 2025 14:59:51 GMT
GET H2	200	l use.typekit.net/af/829fc1/00000000000000003b9acaf8/27/	19 KB 19 KB	23ms 7ms	Font application/font-woff2	2600:141b:1c00:8::1728:b32c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/829fc1/00000000000000003b9acaf8/27/l?subset_id=2&fvd=n5&v=3 Requested by Host: pol88attacker.buzz URL: https://pol88attacker.buzz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:1c00:8::1728:b32c Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 841ec96a41283cf23db2d69fe67d9beee3e9b222bccfe81ecf6edefc78e92151 Request headers Referer https://pol88attacker.buzz/ Origin https://pol88attacker.buzz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 30 Aug 2024 20:11:44 GMT server nginx etag "7fe86a8b0e0aad464390eb5e39aa627a47e9886d" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 18988
GET H2	200	pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v21/	8 KB 8 KB	32ms 8ms	Font font/woff2	2607:f8b0:4006:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,700;1,300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pol88attacker.buzz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 30 Aug 2024 20:01:56 GMT x-content-type-options nosniff age 588 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7840 x-xss-protection 0 last-modified Fri, 22 Mar 2024 00:02:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 30 Aug 2025 20:01:56 GMT
GET H2	200	Gambar+WhatsApp+2024-08-29+pukul+17.25.52_e064820a.jpg images.squarespace-cdn.com/content/v1/66d1e3f4e5f75448f8845e6e/bf81c7cd-6185-4838-9b76-7eb76207af77/	226 KB 227 KB	16ms 14ms	Image image/jpeg	151.101.192.238 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.squarespace-cdn.com/content/v1/66d1e3f4e5f75448f8845e6e/bf81c7cd-6185-4838-9b76-7eb76207af77/Gambar+WhatsApp+2024-08-29+pukul+17.25.52_e064820a.jpg?format=1000w Requested by Host: pol88attacker.buzz URL: https://pol88attacker.buzz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.192.238 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 310523bedd45208f0ed31fa89a422f3df5fb330619de3d3597a0efc70cd82717 Request headers Referer https://pol88attacker.buzz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers tracepoint Fastly date Fri, 30 Aug 2024 20:11:44 GMT via 1.1 google, 1.1 varnish, 1.1 varnish age 16885 x-cache HIT, MISS content-length 231701 x-served-by cache-iad-kiad7000152-IAD, cache-lga21958-LGA x-timer S1725048705.964660,VS0,VE9 etag CL+e9YCDnYgDEAE= vary Accept-Encoding content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length, Timing-Allow-Origin cache-control max-age=31536000,s-maxage=31536000 accept-ranges bytes timing-allow-origin * x-sqsp-is-public true x-cache-hits 1, 0
GET H2	200	floating-cart.11c2f1b3c1cb2ba0d418.js Show response static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/	451 B 459 B	4ms 4ms	Script application/javascript	151.101.64.238 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/floating-cart.11c2f1b3c1cb2ba0d418.js Requested by Host: static1.squarespace.com URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.5ba448b7aa80223d4688bd176bcb7afb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.64.238 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Squarespace / Resource Hash a61ddd7c4db00fa694a870c95e1d2afa9fa3bf7034d92c8f68a341fc21edb053 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://pol88attacker.buzz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers tracepoint Fastly date Fri, 30 Aug 2024 20:11:45 GMT content-encoding gzip x-content-type-options nosniff via 1.1 varnish, 1.1 varnish age 554471 x-cache HIT, HIT x-contextid xiApd6Di/yLGaUXYt content-length 303 x-served-by cache-dfw-kdfw8210163-DFW, cache-lga21927-LGA pragma cache server Squarespace x-timer S1725048705.462688,VS0,VE0 vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=94608000 accept-ranges bytes timing-allow-origin * x-cache-hits 11783, 33499
GET H2	200	l use.typekit.net/af/6d4bb2/00000000000000003b9acafc/27/	18 KB 18 KB	11ms 9ms	Font application/font-woff2	2600:141b:1c00:8::1728:b32c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/6d4bb2/00000000000000003b9acafc/27/l?subset_id=2&fvd=n7&v=3 Requested by Host: pol88attacker.buzz URL: https://pol88attacker.buzz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:1c00:8::1728:b32c Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash ed6051a0f73e874c8f9022913259d82e4ce1e20931143d198fb3897a6bbc4239 Request headers Referer https://pol88attacker.buzz/ Origin https://pol88attacker.buzz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 30 Aug 2024 20:11:45 GMT server nginx etag "97b7c9f4f56c2074bd1fb9bdecb230e994c98ff6" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 18700
GET H2	200	l use.typekit.net/af/18be85/00000000000000003b9acaf9/27/	19 KB 19 KB	13ms 10ms	Font application/font-woff2	2600:141b:1c00:8::1728:b32c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/18be85/00000000000000003b9acaf9/27/l?subset_id=2&fvd=i5&v=3 Requested by Host: pol88attacker.buzz URL: https://pol88attacker.buzz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:1c00:8::1728:b32c Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 85c3a5594b6b182be2065368bbd934dfd6f8686e377d6067439aeb06dc281507 Request headers Referer https://pol88attacker.buzz/ Origin https://pol88attacker.buzz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 30 Aug 2024 20:11:45 GMT server nginx etag "d0a93708ec00980f9301c2d7a46d3c7529a435ea" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 19668
GET H2	200	l use.typekit.net/af/6ce26b/00000000000000003b9acafd/27/	19 KB 19 KB	14ms 12ms	Font application/font-woff2	2600:141b:1c00:8::1728:b32c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/6ce26b/00000000000000003b9acafd/27/l?subset_id=2&fvd=i7&v=3 Requested by Host: pol88attacker.buzz URL: https://pol88attacker.buzz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:1c00:8::1728:b32c Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 8a4b7dd2497ec37fc2cad39a9a11bb20d54a8392d9a79ada17d746da704c70e8 Request headers Referer https://pol88attacker.buzz/ Origin https://pol88attacker.buzz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 30 Aug 2024 20:11:45 GMT server nginx etag "de8a8ae419ea5ddbea36a8436e0fcd851e5ef998" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 19180
GET H/1.1	200 OK	38777-9e13a3be593863a5fbe3-min.en-US.js Show response assets.squarespace.com/universal/scripts-compressed/	52 KB 17 KB	5ms 5ms	Script text/javascript	23.204.23.219 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://assets.squarespace.com/universal/scripts-compressed/38777-9e13a3be593863a5fbe3-min.en-US.js Requested by Host: assets.squarespace.com URL: https://assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-f2920803e18eaeba5f20-min.en-US.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.204.23.219 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-204-23-219.deploy.static.akamaitechnologies.com Software UploadServer / Resource Hash e2dc68f1fb0407b9c45f9812724ca24c1de882cb499812e8efebaab5f997f8f6 Request headers Referer https://pol88attacker.buzz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Fri, 30 Aug 2024 20:11:45 GMT Content-Encoding gzip Last-Modified Thu, 22 Aug 2024 14:35:30 GMT Server UploadServer ETag "757c3ac6884b7c1e4a1283dc9ea974c1" Vary Accept-Encoding Access-Control-Allow-Methods GET, OPTIONS Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control public, max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 16497 Expires Fri, 30 Aug 2024 21:11:45 GMT
GET H/1.1	200 OK	2775-26803601f91618e0a2fe-min.en-US.js Show response assets.squarespace.com/universal/scripts-compressed/	12 KB 4 KB	17ms 6ms	Script text/javascript	23.204.23.219 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://assets.squarespace.com/universal/scripts-compressed/2775-26803601f91618e0a2fe-min.en-US.js Requested by Host: assets.squarespace.com URL: https://assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-f2920803e18eaeba5f20-min.en-US.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.204.23.219 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-204-23-219.deploy.static.akamaitechnologies.com Software UploadServer / Resource Hash 37a5c139431341320b059df50c0721a603ec8f5da9e9879152a238b61f421fc5 Request headers Referer https://pol88attacker.buzz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Fri, 30 Aug 2024 20:11:45 GMT Content-Encoding gzip Last-Modified Thu, 22 Aug 2024 14:34:10 GMT Server UploadServer ETag "75a2cb9652ee875768f666d46392bd77" Vary Accept-Encoding Access-Control-Allow-Methods GET, OPTIONS Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control public, max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 4052 Expires Fri, 30 Aug 2024 21:11:45 GMT
GET H/1.1	200 OK	2356ee25bed07678b7ee-min.en-US.css assets.squarespace.com/universal/styles-compressed/	14 KB 2 KB	14ms 4ms	Stylesheet text/css	23.204.23.219 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://assets.squarespace.com/universal/styles-compressed/2356ee25bed07678b7ee-min.en-US.css Requested by Host: assets.squarespace.com URL: https://assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-f2920803e18eaeba5f20-min.en-US.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.204.23.219 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-204-23-219.deploy.static.akamaitechnologies.com Software UploadServer / Resource Hash 4255b3e8937d02e114d491e449b5755a584038c54cf94bd38cf42fd0fe443ab6 Request headers Referer https://pol88attacker.buzz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Fri, 30 Aug 2024 20:11:45 GMT Content-Encoding gzip Last-Modified Thu, 22 Aug 2024 11:12:42 GMT Server UploadServer ETag "1379188040cf11e09af5ae6bfc3f86de" Vary Accept-Encoding Access-Control-Allow-Methods GET, OPTIONS Content-Type text/css Access-Control-Allow-Origin * Cache-Control public, max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 1920 Expires Fri, 30 Aug 2024 21:11:45 GMT
GET H/1.1	200 OK	async-gdpr-cookie-banner-bf3f4f25a5cc909870ec-min.en-US.js Show response assets.squarespace.com/universal/scripts-compressed/	25 KB 9 KB	15ms 5ms	Script text/javascript	23.204.23.219 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://assets.squarespace.com/universal/scripts-compressed/async-gdpr-cookie-banner-bf3f4f25a5cc909870ec-min.en-US.js Requested by Host: assets.squarespace.com URL: https://assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-f2920803e18eaeba5f20-min.en-US.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.204.23.219 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-204-23-219.deploy.static.akamaitechnologies.com Software UploadServer / Resource Hash 324ac0caa707e5f442d1739090dbadb1162746710c1c27f93d1691998fcfd930 Request headers Referer https://pol88attacker.buzz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Fri, 30 Aug 2024 20:11:45 GMT Content-Encoding gzip Last-Modified Fri, 23 Aug 2024 21:08:37 GMT Server UploadServer ETag "715ee413fca49bb3f2712ca22eb34534" Vary Accept-Encoding Access-Control-Allow-Methods GET, OPTIONS Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control public, max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 8574 Expires Fri, 30 Aug 2024 21:11:45 GMT
POST H3	404	RecordHit Show response pol88attacker.buzz/api/census/	264 B 623 B	444ms 442ms	XHR text/html	2606:4700:3031::6815:2f89 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pol88attacker.buzz/api/census/RecordHit Requested by Host: assets.squarespace.com URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-7598f4eb50a2ef12b555-min.en-US.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:2f89 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc5734350a3fc19392e9419097b3f9e2bbcdd12cddec22791cb1b48a85e99484 Request headers Accept application/json, text/plain, */* Referer https://pol88attacker.buzz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Fri, 30 Aug 2024 20:11:46 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jp5JF0VnyAbewjwfYna1adTQ5HkCXXvhShogWFpzRlw1uu6QZSXIGiu4ceZIPI1vj9kPmIRYbkK1faokfTepqAgc65EjrSp9MIUIYNyDwJyUltpBFC35k18cVfoXmRP8%2FM2PQ5hbLNow9G82vd7WlPg%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cf-ray 8bb76e89cba64384-EWR alt-svc h3=":443"; ma=86400
POST H3	404	button-render Show response pol88attacker.buzz/api/census/	264 B 630 B	447ms 443ms	XHR text/html	2606:4700:3031::6815:2f89 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pol88attacker.buzz/api/census/button-render Requested by Host: assets.squarespace.com URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-7598f4eb50a2ef12b555-min.en-US.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:2f89 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc5734350a3fc19392e9419097b3f9e2bbcdd12cddec22791cb1b48a85e99484 Request headers Accept application/json, text/plain, */* Referer https://pol88attacker.buzz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-Type application/json Response headers date Fri, 30 Aug 2024 20:11:46 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y4TTYYvlrMy%2B5AQ9ZnJQKuBMV5W4Md5U0Fmn5VoiqF9O0UDK1R%2F2mppWZu2HtMmbBlDu1%2F15prwxQvHEi6WWMg%2Fe7LePUD5UrqPkOp8s%2BxO7ZcWXW43uF7LDsrggmQeZ6SDYf4d3bm5b%2FDBjYAAagTo%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cf-ray 8bb76e89cbac4384-EWR alt-svc h3=":443"; ma=86400
POST H3	404	button-render Show response pol88attacker.buzz/api/census/	264 B 623 B	445ms 442ms	XHR text/html	2606:4700:3031::6815:2f89 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pol88attacker.buzz/api/census/button-render Requested by Host: assets.squarespace.com URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-7598f4eb50a2ef12b555-min.en-US.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:2f89 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc5734350a3fc19392e9419097b3f9e2bbcdd12cddec22791cb1b48a85e99484 Request headers Accept application/json, text/plain, */* Referer https://pol88attacker.buzz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-Type application/json Response headers date Fri, 30 Aug 2024 20:11:46 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TK6H3T7bJrb9dcLEYCpyRFRPbTzw37uTZgHF7mh2JZ23Al6hzS0ytMvSBNnfwybsizwi%2FMsGZLW6zs9guikegd%2BxJ5ITzqlcqCbdcrQMsFguPafMAu34tbDo8foyMnQPDhc38uolFSVbONOjR0tVPsM%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cf-ray 8bb76e89cbad4384-EWR alt-svc h3=":443"; ma=86400
GET H2	200	p.gif p.typekit.net/	35 B 204 B	24ms 4ms	Image image/gif	2600:141b:b000::1736:a11b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://p.typekit.net/p.gif?s=2&k=646866_66d1e3f4e5f75448f8845e6e&ht=tk&h=pol88attacker.buzz&f=26060.26053.26061.26054&a=646866&js=1.21.0&app=typekit&e=js&_=1725048705673 Requested by Host: pol88attacker.buzz URL: https://pol88attacker.buzz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:b000::1736:a11b Newark, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39 Request headers Referer https://pol88attacker.buzz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 30 Aug 2024 20:11:45 GMT last-modified Thu, 28 Jul 2022 19:42:36 GMT server nginx etag "62e2e6ac-23" content-type image/gif access-control-allow-origin * cache-control public, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes content-length 35
GET H2	200	favicon.ico images.squarespace-cdn.com/content/v1/66d1e3f4e5f75448f8845e6e/a53c0c3b-0905-4205-91dc-92f37f5c750f/	36 KB 36 KB	13ms 12ms	Other image/gif	151.101.192.238 FASTLY
General Check archive.org Show headers Download Go to Full URL https://images.squarespace-cdn.com/content/v1/66d1e3f4e5f75448f8845e6e/a53c0c3b-0905-4205-91dc-92f37f5c750f/favicon.ico?format=100w Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.192.238 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 20aa17c52f61b502e93575aa6ee1de875121b33428d9d4db5084d39088aad0ff Request headers Referer https://pol88attacker.buzz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers tracepoint Fastly date Fri, 30 Aug 2024 20:11:45 GMT via 1.1 google, 1.1 varnish, 1.1 varnish age 10122 x-cache HIT, MISS content-length 36719 x-served-by cache-iad-kjyo7100134-IAD, cache-lga21958-LGA x-timer S1725048706.705809,VS0,VE10 etag COTT/vWDnYgDEAE= vary Accept-Encoding content-type image/gif access-control-allow-origin * access-control-expose-headers Content-Length, Timing-Allow-Origin cache-control max-age=31536000,s-maxage=31536000 accept-ranges bytes timing-allow-origin * x-sqsp-is-public true x-cache-hits 1, 0

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Typekit object| SQUARESPACE_ROLLUPS object| Static object| webpackChunk_sqs_polyfiller object| webpackChunkextract_css object| SQUARESPACE_I18N object| YUI_CONFIG function| YUI function| __extends function| __assign function| __rest function| __decorate function| __param function| __esDecorate function| __runInitializers function| __propKey function| __setFunctionName function| __metadata function| __awaiter function| __generator function| __exportStar function| __createBinding function| __values function| __read function| __spread function| __spreadArrays function| __spreadArray function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault function| __classPrivateFieldGet function| __classPrivateFieldSet function| __classPrivateFieldIn function| __addDisposableResource function| __disposeResources object| regeneratorRuntime function| _ object| core object| __sqsWebGL object| websiteComponents function| Common boolean| COMMON_ALREADY_RAN function| noop object| Singleton object| Class object| Squarespace object| UserAccountApi object| webpackChunknew_bedford_framework object| Y object| YUIStats string| _YUI_HISTORY_HASH_ENVIRONMENT_ID string| _yuid object| ESC_MANAGER object| Modernizr object| ImageLoader object| JSTween string| id object| __STATSIG__

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			pol88attacker.buzz/	1970-01-21 08:46:48	Name: ss_cvr Value: 246d90bb-e1be-432c-b20b-0879908d42f4|1725048705535|1725048705535|1725048705535|1
			pol88attacker.buzz/	1970-01-20 23:10:50	Name: ss_cvt Value: 1725048705535

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pol88attacker.buzz/api/census/RecordHit Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pol88attacker.buzz/api/census/button-render Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pol88attacker.buzz/api/census/button-render Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.squarespace.com
fonts.googleapis.com
fonts.gstatic.com
images.squarespace-cdn.com
p.typekit.net
pol88attacker.buzz
static1.squarespace.com
use.typekit.net
151.101.192.238
151.101.64.238
23.204.23.219
2600:141b:1c00:8::1728:b32c
2600:141b:b000::1736:a11b
2606:4700:3031::6815:2f89
2607:f8b0:4006:81e::200a
2607:f8b0:4006:820::2003
0e6b1caae382fc6d13a4eb006b327d80c3991937d8dc808479c845aa1b863bcd
129b3f7ddf4bee8c1a30382728b10c0f2386eb365827f1b8a6fedabe6b52e390
16b9ada1898d9d51a9dbee20d069ca52b8719ada9600a09f648c8ce2788eda1a
20aa17c52f61b502e93575aa6ee1de875121b33428d9d4db5084d39088aad0ff
23ff26f12694f81e922778c3614b1bf41450ae410d6c0e63e8a070999165d149
310523bedd45208f0ed31fa89a422f3df5fb330619de3d3597a0efc70cd82717
324ac0caa707e5f442d1739090dbadb1162746710c1c27f93d1691998fcfd930
37a5c139431341320b059df50c0721a603ec8f5da9e9879152a238b61f421fc5
38a80d6489cc9ddc3c676a3dc41265bde614225c284641b97f5b375723fa05d7
3dd64b4192d77bcb246f63f29cb8c18cf5126040b29aa5767c27225c53900cfd
423b74beedf0ad7dcb56cadfe978d5b04bd72f344da9592f2ff7573c314320de
4255b3e8937d02e114d491e449b5755a584038c54cf94bd38cf42fd0fe443ab6
54e832663426c696b1f603379026e5e15720e8c812bbbc60d63aa2ad8a479f75
5b52ca3c358fa7e400d3ae22c2bd04e2490790b5e5bab9f92fe398122abc87c1
62a2984a4e753023dffeca77ec4827433196e145009b74303bc2fa406186e95d
64a4179eacebdc578f7f744157833c680bf4574a460188eaf8c875d1cb056e0d
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
841ec96a41283cf23db2d69fe67d9beee3e9b222bccfe81ecf6edefc78e92151
851f6306bd352041009fdb4f3d399f68d18d54fc9aef4529bc964b80861895d0
85c3a5594b6b182be2065368bbd934dfd6f8686e377d6067439aeb06dc281507
8a4b7dd2497ec37fc2cad39a9a11bb20d54a8392d9a79ada17d746da704c70e8
8e815de943351493b2d3859da2d958f71f6d7e46d7ba2aed29fb6d2bc0c2b08a
94749a9a2a419c6962ea8c3634aee02da5fc8fc73054dc956eeadf710ec90bd5
96ba7205f114ccc78cdf3a7b7abe973106c8071f7d3927eb32fc70c86ad374e4
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
a61ddd7c4db00fa694a870c95e1d2afa9fa3bf7034d92c8f68a341fc21edb053
a6f6df05e0eec1aaaa4bcc1c5f8851df81e80f45285ce40507b660f67ad4fcd1
b954198572862c7877d5cf3b552d80e3497e8a782b18dd3dfddfacd07478e2fd
c33f557229351679015a21d028a2c4d6ba6baac1f8c0f5d5099666a76f440b9f
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
e2dc68f1fb0407b9c45f9812724ca24c1de882cb499812e8efebaab5f997f8f6
ed6051a0f73e874c8f9022913259d82e4ce1e20931143d198fb3897a6bbc4239
fc5734350a3fc19392e9419097b3f9e2bbcdd12cddec22791cb1b48a85e99484